I've just pushed a tag for the first release candidate for version 1.3.0
of the TSS libraries. It's available here:
https://github.com/01org/tpm2-tss/releases/tag/1.3.0-rc0
The CHANGELOG is very short, just fixing two broken macros and adding
support for the EncryptDecrypt2 command. This release is necessary for
users with TPM2 devices that have deprecated support for the
EncryptDecrypt function. Support for this function in the tools is
forthcoming.
Any additional testing & feedback would be much appreciated.
Philip

Branch: refs/heads/3.X
Home: https://github.com/intel/tpm2-tools
Commit: 69769d4cd1e20caba59c87de58eba77b743dc50b
https://github.com/intel/tpm2-tools/commit/69769d4cd1e20caba59c87de58eba7...
Author: William Roberts <william.c.roberts(a)intel.com>
Date: 2017-11-28 (Tue, 28 Nov 2017)
Changed paths:
M test/system/test_tpm2_encryptdecrypt.sh
M tools/tpm2_encryptdecrypt.c
Log Message:
-----------
tpm2_encryptdecrypt: drop -D YES|NO argument
tpm2_encryptdecrypt takes a -D argument to indicate to the
tool to perform a decrypt operation. The option currently
requires an argument of YES or NO. Remove this requirment
and make the default operation encrypt and the -D option
trigger a decryption.
No update to the manpage is required, as this change places it
in line with the man page.
Fixes: #614
Signed-off-by: William Roberts <william.c.roberts(a)intel.com>

Branch: refs/heads/master
Home: https://github.com/intel/tpm2-tools
Commit: faec469f3f56d1365a31d363b45cd9992e0a38cd
https://github.com/intel/tpm2-tools/commit/faec469f3f56d1365a31d363b45cd9...
Author: Javier Martinez Canillas <javierm(a)redhat.com>
Date: 2017-11-28 (Tue, 28 Nov 2017)
Changed paths:
M lib/tpm2_util.h
M tools/tpm2_encryptdecrypt.c
Log Message:
-----------
lib: mask TPM_RC to only get the bits set by the TPM
The TPM only uses the lower 12 bits from the 32 bits of TPM_RC, the other
layers uses some of the higher unused 20 bits to indicate from which layer
of the stack the error comes from.
So mask the low-order 12 bits of the TPM_RC variable instead comparing TPM
response codes directly. There's no need to mask when the check is against
TPM_RC_SUCCESS, since in this case the upper 20 bits are going to be zero.
Fixes: #646
Signed-off-by: Javier Martinez Canillas <javierm(a)redhat.com>

Branch: refs/heads/master
Home: https://github.com/intel/tpm2-tools
Commit: c104848f6d8f24dfa891a94ce0a169544ad86bd8
https://github.com/intel/tpm2-tools/commit/c104848f6d8f24dfa891a94ce0a169...
Author: William Roberts <william.c.roberts(a)intel.com>
Date: 2017-11-28 (Tue, 28 Nov 2017)
Changed paths:
M tools/tpm2_rsaencrypt.c
Log Message:
-----------
tpm2_rsaencrypt: fix file argument
Based on argument ordering and getopt handling, the code was getting lucky and
actually properly grabing the input file at argv[1]. However, the first
item in the array is really argv[0].
A result could be that the input file is NULL, which means read data
from stdin and the tool will hang.
Fixes: #664
Signed-off-by: William Roberts <william.c.roberts(a)intel.com>